MODERN TRENDS IN THE CYBER ATTACKS AGAINST THE CRITICAL INFORMATION INFRASTRUCTURE

Size: px
Start display at page:

Download "MODERN TRENDS IN THE CYBER ATTACKS AGAINST THE CRITICAL INFORMATION INFRASTRUCTURE"

Transcription

1 International Telecommunication Union STATE AGENCY FOR INFORMATION TECHNOLOGY AND COMMUNICATIONS BULGARIAN ACADEMY OF SCIENCES NATIONAL LABORATORY OF COMPUTER VIROLOGY REGIONAL CYBERSECURITY FORUM 7-99 Oct 2008, Sofia MODERN TRENDS IN THE CYBER ATTACKS AGAINST THE CRITICAL INFORMATION INFRASTRUCTURE EUGENE NICKOLOV, PROFESSOR, DOCTOR OF MATHEMATICAL SCIENCES, CEO, NATIONAL LABORATORY OF COMPUTER VIROLOGY

2 01. THE CURRENT DEFINITIONS OF THE FUNDAMENTAL TERMS IN THIS FIELD. A. Cyber warfare. B. Infrastructure. 7-9 Oct 2008, Sofia Prof. DSc Eugene Nickolov 2

3 A. CYBER WARFARE. 01 CYBER ATTACK CYBER WARFARE A. Cyber-warfare warfare. Also known as cybernetic war [1], or cyberwar is the use of computers and the Internet in conducting warfare in cyberspace [2]. [1] Jonathan V. Post, "Cybernetic War," Omni, May 1979, pp , reprinted The Omni Book of Computers & Robots, Zebra Books, ISBN [2] DOD, Cyberspace, 7-9 Oct 2008, Sofia Prof. DSc Eugene Nickolov 3

4 1. TYPES OF ATTACKS. 01 There are several methods of attack in cyber-warfare warfare, this list is ranked in order of mildest to most severe. 1.1 CYBER ESPIONAGE. Cyber espionage is the act or practice of obtaining secrets (sensitive, proprietary of classified information) from individuals, competitors, rivals, groups, governments and enemies for military, political, or economic advantage using illegal exploitation methods on internet, networks, software and or computers. 7-9 Oct 2008, Sofia Prof. DSc Eugene Nickolov 4

5 1. TYPES OF ATTACKS WEB VANDALISM. Attacks that deface web pages, or denial-of of-service attacks. This is normally swiftly combated and of little harm. 1.3 PROPAGANDA. Political messages can be spread through or to anyone with access to the internet. 1.4 GATHERING DATA. Classified information that is not handled securely can be intercepted and even modified, making espionage possible from the other side of the world. 7-9 Oct 2008, Sofia Prof. DSc Eugene Nickolov 5

6 1. TYPES OF ATTACKS DISTRIBUTED DENIAL-OF OF-SERVICE ATTACKS. Large numbers of computers in one country launch a DoS attack against systems in another country. 1.6 EQUIPMENT DISRUPTION. Military activities that use computers and satellites for co-ordination ordination are at risk from this type of attack. Orders and communications can be intercepted or replaced, putting soldiers at risk. 1.7 ATTACKING CRITICAL INFRASTRUCTURE. Power, water, fuel, communications, commercial and transportation are all vulnerable to a cyber attack. 7-9 Oct 2008, Sofia Prof. DSc Eugene Nickolov 6

7 1. TYPES OF ATTACKS COMPROMISED COUNTERFEIT HARDWARE. Common hardware used in computers and networks that have malicious software hidden inside the software, firmware or even the microprocessors. 7-9 Oct 2008, Sofia Prof. DSc Eugene Nickolov 7

8 2. REPORTED THREATS The Internet security company McAfee stated in their 2007 annual report that approximately 120 countries have been developing ways to use the Internet as a weapon and the targets are financial markets, government computer systems and utilities. 7-9 Oct 2008, Sofia Prof. DSc Eugene Nickolov 8

9 2. REPORTED THREATS In activities reminiscent of the Cold War, which caused countries to engage in clandestine activities, intelligence agencies are routinely testing networks looking for weaknesses. These techniques for probing weaknesses in the internet and global networks are growing more sophisticated every year. [3] [3] Griffiths Peter, "World faces "cyber cold war" threat", Reuters, 7-9 Oct 2008, Sofia Prof. DSc Eugene Nickolov 9

10 2. REPORTED THREATS Jeff Green the senior vice president of McAfee Avert Labs was quoted as saying "Cybercrime is now a global issue. It has evolved significantly and is no longer just a threat to industry and individuals but increasingly to national security." They predicted that future attacks will be even more sophisticated. "Attacks have progressed from initial curiosity probes to well-funded and well- organized operations for political, military, economic and technical espionage." [4] [4] "Cyber Crime: A 24/7 Global Battle", Mcafee, 7-9 Oct 2008, Sofia Prof. DSc Eugene Nickolov 10

11 2. REPORTED THREATS The report from McAfee says that China is at the forefront of the cyber war. China has been accused of cyber-attacks on India and Germany and the United States. China denies knowledge of these attacks. Arguments have been expressed regarding China s involvement indicating,, in the methods of computer Hackers who use zombie computers, it only indicates that China has the most amount of computers that are vulnerable to be controlled. [5] [5] "China 'has 75M zombie computers' in U.S., /china_has_75m_zombie_computers_in_us/7394/ 7-9 Oct 2008, Sofia Prof. DSc Eugene Nickolov 11

12 2. REPORTED THREATS In April 2007, Estonia came under cyber-attack in the wake of relocation of the Bronze Soldier of Tallinn. Estonian authorities, including Estonian Foreign Minister Urmas Paet accused the Kremlin of direct involvement in the cyberattacks [6]. Estonia's defense minister later admitted he had no evidence linking cyber attacks to Russian authorities [7]. [6] Estonia accuses Russia of 'cyber attack, [7] Estonia has no evidence of Kremlin involvement in cyber attacks, 7-9 Oct 2008, Sofia Prof. DSc Eugene Nickolov 12

13 3. KNOWN ATTACKS The United States had come under attack from computers and computer networks situated in China and Russia. See Titan Rain and Moonlight Maze [8]. It is not clear if attackers originated in those countries or used compromised computers there. [8a] [8] Jim Wolf,"U.S. Air Force prepares to fight in cyberspace", Reuters, November 3, 2006, [8a] Cyberwarfare reference materials, 7-9 Oct 2008, Sofia Prof. DSc Eugene Nickolov 13

14 3. KNOWN ATTACKS On May 17, 2007 Estonia came under cyber attack. The Estonian parliament, ministries, banks, and media were targeted. [9] [9] Ian Traynor, 'Russia accused of unleashing cyber war to disable Estonia, 3.3 On first week of September 2007, The Pentagon and various French, German and British government computers were attacked by hackers of Chinese origin. The Chinese government denies any involvement. [9a] [9a] Chinese Official Accuses Nations of Hacking, AR html 7-9 Oct 2008, Sofia Prof. DSc Eugene Nickolov 14

15 3. KNOWN ATTACKS On 14 December 2007 the website of the Kyrgyz Central Election Commission was defaced during its election. The message left on the website read "This site has been hacked by Dream of Estonian organization". During the election campaigns and riots preceding the election, there were cases of Denial-of of- service attacks against the Kyrgyz ISPs. [10] [10] Website of Kyrgyz Central Election Commission hacked by Estonian hackers, 7-9 Oct 2008, Sofia Prof. DSc Eugene Nickolov 15

16 3. KNOWN ATTACKS In the second week of April hackers hacked the Indian MEA computers. [10a] [10a] MEA Computer Network Hacked, 3.6 Georgia fell under cyberattacks during the 2008 South Ossetia War. [10b] [10b] Cyber attacks became part of Russia-Georgia war, 7-9 Oct 2008, Sofia Prof. DSc Eugene Nickolov 16

17 4. CYBER COUNTERINTELLIGENCE Cyber counterintelligence are measures to identify, penetrate, or neutralize foreign operations that use cyber means as the primary tradecraft methodology, as well as foreign intelligence service collection efforts that use traditional methods to gauge cyber capabilities and intentions. [11] [11] DOD - Cyber Counterintelligence, 7-9 Oct 2008, Sofia Prof. DSc Eugene Nickolov 17

18 4. CYBER COUNTERINTELLIGENCE The intelligence community is coming to grips with the challenge of cyber warfare intelligence. Much of the advanced infrastructure used in traditional warfare, like satellite imagery, is ineffective in the realm of cyber. New techniques and technologies are required for intelligence agencies to operate in this field. [11a] [11a] World Wide War 3.0, 7-9 Oct 2008, Sofia Prof. DSc Eugene Nickolov 18

19 4. CYBER COUNTERINTELLIGENCE In May 2008, U.S. Strategic Command's - Col. Gary McAlum chief of staff - of the command's Joint Task Force for Global Network Operations, quoted approvingly from a new intelligence report by Kevin Coleman [11b] of the Technolytics Institute that stated China aims to achieve global "electronic dominance." This report was not released to the public, however it was clear that cyber warfare intelligence was being collected and used to assess the cyber weapons capabilities of each country. [11b] About: Kevin G. Coleman is an international security and intelligence consultant with Technolytics and has regularly featured articles in DefenseTech.org and International Intelligence Magazine covering homeland security, terrorism, security and intelligence worldwide. For six years he served as a science and technology advisor to the nation s leading research and development center that service the U.S. Department of Defense, Department of Homeland Security and the Intelligence Community. Additionally, he testified before Congress on Cyber Security and Privacy, Oct 2008, Sofia Prof. DSc Eugene Nickolov 19

20 B. INFRASTRUCTURE. 01 INFRASTRUCTURE CRITICAL INFRASTRUCTURE CRITICAL INFORMATION INFRASTRUCTURE 7-9 Oct 2008, Sofia Prof. DSc Eugene Nickolov 20

21 1. TYPE OF INFRASTRUCTURE TECHNICAL DEFINITION. Typically refers to the technical structures that support a society, such as roads, water supply, wastewater, power grids, flood management systems, communications (internet, phone lines, broadcasting), and so forth. In the past, these systems have typically been owned and managed by local or central governments. These various elements may collectively be termed civil infrastructure, municipal infrastructure, or simply public works, although they may be developed and operated as private-sector or government enterprises. 7-9 Oct 2008, Sofia Prof. DSc Eugene Nickolov 21

22 1. TYPE OF INFRASTRUCTURE GENERIC DEFINITION. A more generic definition of infrastructure is the network of assets "where the system as a whole is intended to be maintained indefinitely at a specified standard of service by the continuing replacement and refurbishment of its components."[12] [12] Association of Local Government Engineers New Zealand, "Infrastructure Asset Management Manual", June Edition 1.1, 7-9 Oct 2008, Sofia Prof. DSc Eugene Nickolov 22

23 1. TYPE OF INFRASTRUCTURE INFORMATION TECHNOLOGIES (IT) DEFINITION. Infrastructure may refer to information technology, informal and formal channels of communication, software development tools, political and social networks, or beliefs held by members of particular groups. Still underlying these more general uses is the concept that infrastructure provides organizing structure and support for the system or organization it serves, whether it is a city, a nation, or a corporation. Economically, infrastructure could be seen to be the structural elements of an economy which allow for production of goods and services without themselves being part of the production process, e.g. roads allow the transport of raw materials and finished products. 7-9 Oct 2008, Sofia Prof. DSc Eugene Nickolov 23

24 2. CRITICAL INFRASTRUCTURE The term "critical infrastructure" has been widely adopted to distinguish those infrastructure elements that, if significantly damaged or destroyed, would cause serious disruption of the dependent system or organization. Storm, flood, or earthquake damage leading to loss of certain transportation routes in a city (for example, bridges crossing a river), could make it impossible for people to evacuate and for emergency services to operate; these routes would be deemed critical infrastructure. Similarly, an on-line booking system might be critical infrastructure for an airline. 7-9 Oct 2008, Sofia Prof. DSc Eugene Nickolov 24

25 2. CRITICAL INFRASTRUCTURE According to etymology online [13],, the word infrastructure has been around since 1927 and meant: The installations that form the basis for any operation or system. Originally in a military sense. The word is a combination of "infra", meaning "below" and "structure". [13] Online Etymology Dictionary, Douglas Harper, Historian, 7-9 Oct 2008, Sofia Prof. DSc Eugene Nickolov 25

26 2. CRITICAL INFRASTRUCTURE The term came to prominence in the United States in the 1980s following the publication of America in Ruins (Choate and Walter, 1981), which initiated a public- policy discussion of the nation s s "infrastructure crisis", purported to be caused by decades of inadequate investment and poor maintenance of public works. 7-9 Oct 2008, Sofia Prof. DSc Eugene Nickolov 26

27 2. CRITICAL INFRASTRUCTURE That public-policy policy discussion was hampered by lack of a precise definition for infrastructure. The U.S. National Research Council committee cited Senator Stafford, who commented at hearings before the Subcommittee on Water Resources, Transportation, and Infrastructure; Committee on Environment and Public Works; that "probably the word infrastructure means different things to different people." The NRC panel then sought to rectify the situation by adopting the term "public works infrastructure", referring to "...both specific ic functional modes - highways, streets, roads, and bridges; mass transit; airports and airways; water supply and water resources; wastewater management; solid-waste treatment and disposal; electric power generation and transmission; telecommunications; and hazardous waste management - and the combined system these modal elements comprise. 7-9 Oct 2008, Sofia Prof. DSc Eugene Nickolov 27

28 2. CRITICAL INFRASTRUCTURE A comprehension of infrastructure spans not only these public works facilities, but also the operating procedures, management practices, and development policies that interact together with societal demand and the physical world to facilitate the transport of people and goods, provision of water for drinking and a variety of other uses, safe disposal of society's waste products, provision of energy where it is needed, and transmission of information within and between communities." [14] [14] Infrastructure for the 21st Century, Washington, D.C., National Academy Press, In subsequent years, the word has grown in popularity and been applied with increasing generality to suggest the internal framework discernible in any technology system or business organization. 7-9 Oct 2008, Sofia Prof. DSc Eugene Nickolov 28

29 02. THE CHANGES FOR THE LAST FEW YEARS IN THE ATTACKING INSTRUMENTS. A. Malicious Software. B. Grayware. 7-9 Oct 2008, Sofia Prof. DSc Eugene Nickolov 29

30 1. DEFINITION Malware, a portmanteau word from the words malicious and software, is software designed to infiltrate or damage a computer system without the owner's informed consent. The expression is a general term used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software or program code. [15] [15] 1.2 Many computer users are unfamiliar with the term, and often use "computer virus" for all types of malware, including true viruses. 7-9 Oct 2008, Sofia Prof. DSc Eugene Nickolov 30

31 1. DEFINITION Software is considered malware based on the perceived intent of the creator rather than any particular features. Malware includes computer viruses, worms, trojan horses, most rootkits,, spyware, dishonest adware, crimeware and other malicious and unwanted software. In law, malware is sometimes known as a computer contaminant, for instance in the legal codes of several American states, including California and West Virginia. [16] [17] [16] National Conference of State Legislatures Virus/Contaminant/Destructive Transmission Statutes by State, [17] jcots.state.va.us/2005%20content/pdf/computer%20contamination%20bill.pdf [ :1 Penalty for Computer Contamination 7-9 Oct 2008, Sofia Prof. DSc Eugene Nickolov 31

32 1. DEFINITION Malware is not the same as defective software, that is, software which has a legitimate purpose but contains harmful bugs. 1.5 Preliminary results from Symantec sensors published in 2008 suggested that "the release rate of malicious code and other unwanted programs may be exceeding that of legitimate software applications." [18] [18] "Symantec Internet Security Threat Report, Trends for July-December 2007 (Executive Summary), 7-9 Oct 2008, Sofia Prof. DSc Eugene Nickolov 32

33 1. DEFINITION According to F-Secure, F "As much malware [was] produced in 2007 as in the previous 20 years altogether." [19] [19] F-Secure Corporation (December 4, 2007), "F-Secure Reports Amount of Malware Grew by 100% during 2007, fs_news_ _1_eng.html 1.7 Malware's most common pathway from criminals to users is through the Internet, by and the World Wide Web. [20] [20] "F-Secure Quarterly Security Wrap-up for the first quarter of 2008, fsnews_ _1_eng.html 7-9 Oct 2008, Sofia Prof. DSc Eugene Nickolov 33

34 2. COMPUTER VIRUSES AND WORMS The best-known types of malware, viruses and worms, are known for the manner in which they spread, rather than any other particular behavior. 2.2 The term computer virus is used for a program which has infected some executable software and which causes that software, when run, to spread the virus to other executable software. Viruses may also contain a payload which performs other actions, often malicious. 2.3 A worm, on the other hand, is a program which actively transmits itself over a network to infect other computers. It too may carry a payload. 7-9 Oct 2008, Sofia Prof. DSc Eugene Nickolov 34

35 2. COMPUTER VIRUSES AND WORMS These definitions lead to the observation that a virus requires user intervention to spread, whereas a worm spreads automatically. Using this distinction, infections transmitted by or Microsoft Word documents, which rely on the recipient opening a file or to infect the system, would be classified as viruses rather than worms. 2.5 Some writers in the trade and popular press appear to misunderstand this distinction, and use the terms interchangeably. 7-9 Oct 2008, Sofia Prof. DSc Eugene Nickolov 35

36 2. COMPUTER VIRUSES AND WORMS Before Internet access became widespread, viruses spread on personal computers by infecting programs or the executable boot sectors of floppy disks. By inserting a copy of itself into the machine code instructions in these executables, a virus causes itself to be run whenever the program is run or the disk is booted. Early computer viruses were written for the Apple II and Macintosh, but they became more widespread with the dominance of the IBM PC and MS-DOS system. Executable-infecting viruses are dependent on users exchanging software or boot floppies, so they spread heavily in computer hobbyist circles. 7-9 Oct 2008, Sofia Prof. DSc Eugene Nickolov 36

37 2. COMPUTER VIRUSES AND WORMS The first worms, network-borne infectious programs, originated not on personal computers, but on multitasking Unix systems. The first well-known worm was the Internet Worm of 1988, which infected SunOS and VAX BSD systems. Unlike a virus, this worm did not insert itself into other programs. Instead, it exploited security holes in network server programs and started itself running as a separate process. This same behavior is used by today's worms as well. 7-9 Oct 2008, Sofia Prof. DSc Eugene Nickolov 37

38 2. COMPUTER VIRUSES AND WORMS With the rise of the Microsoft Windows platform in the 1990s, and the flexible macro systems of its applications, it became possible to write infectious code in the macro language of Microsoft Word and similar programs. These macro viruses infect documents and templates rather than applications, but rely on the fact that macros in a Word document are a form of executable code. 7-9 Oct 2008, Sofia Prof. DSc Eugene Nickolov 38

39 2. COMPUTER VIRUSES AND WORMS Today, worms are most commonly written for the Windows OS, although a small number are also written for Linux and Unix systems. Worms today work in the same basic way as 1988's Internet Worm: they scan the network for computers with vulnerable network services, break in to those computers, and copy themselves over. Worm outbreaks have become a cyclical plague for both home users and businesses, eclipsed recently in terms of damage by spyware. 7-9 Oct 2008, Sofia Prof. DSc Eugene Nickolov 39

40 3. TROJAN HORSES, ROOTKITS, AND BACKDOORS TROJAN HORSES. For a malicious program to accomplish its goals, it must be able to do so without being shut down, or deleted by the user or administrator of the computer it's running on. Concealment can also help get the malware installed in the first place. When a malicious program is disguised as something innocuous or desirable, users may be tempted to install it without knowing what it does. This is the technique of the Trojan horse or trojan. 7-9 Oct 2008, Sofia Prof. DSc Eugene Nickolov 40

41 3. TROJAN HORSES, ROOTKITS, AND BACKDOORS Broadly speaking, a Trojan horse is any program that invites the user to run it, but conceals a harmful or malicious payload. The payload may take effect immediately and can lead to many undesirable effects, such as deleting all the user's files, or more commonly it may install further harmful software into the user's system to serve the creator's longer-term goals. Trojan horses known as droppers are used to start off a worm outbreak, by injecting the worm into users' local networks. 7-9 Oct 2008, Sofia Prof. DSc Eugene Nickolov 41

42 3. TROJAN HORSES, ROOTKITS, AND BACKDOORS One of the most common ways that spyware is distributed is as a Trojan horse, bundled with a piece of desirable software that the user downloads from the Internet. When the user installs the software, the spyware is installed alongside. Spyware authors who attempt to act in a legal fashion may include an end- user license agreement which states the behavior of the spyware in loose terms, and which the users are unlikely to read or understand. 7-9 Oct 2008, Sofia Prof. DSc Eugene Nickolov 42

43 3. TROJAN HORSES, ROOTKITS, AND BACKDOORS ROOTKITS. Once a malicious program is installed on a system, it is often useful to the creator if it stays concealed. The same is true when a human attacker breaks into a computer directly. Techniques known as rootkits allow this concealment, by modifying the host operating system so that the malware is hidden from the user. Rootkits can prevent a malicious process from being visible in the system's list of processes, or keep its files from being read. Originally, a rootkit was a set of tools installed by a human attacker on a Unix system where the attacker had gained administrator (root) access. Today, the term is used more generally for concealment routines in a malicious program. 7-9 Oct 2008, Sofia Prof. DSc Eugene Nickolov 43

44 3. TROJAN HORSES, ROOTKITS, AND BACKDOORS Some malicious programs contain routines to defend against removal: not merely to hide themselves, but to repel attempts to remove them. An early example of this behavior is recorded in the Jargon File tale of a pair of programs infesting a Xerox CP-V V timesharing system: Each ghost-job would detect the fact that the other had been killed, and would start a new copy of the recently slain program within a few milliseconds. The only way to kill both ghosts was to kill them simultaneously (very difficult) or to deliberately crash the system. [21] [21] 7-9 Oct 2008, Sofia Prof. DSc Eugene Nickolov 44

45 3. TROJAN HORSES, ROOTKITS, AND BACKDOORS Similar techniques are used by some modern malware, wherein the malware starts a number of processes which monitor one another and restart any process which is killed off by the operator. 3.7 BACKDOORS. A backdoor is a method of bypassing normal authentication procedures. Once a system has been compromised (by one of the above methods, or in some other way), one or more backdoors may be installed, in order to allow the attacker access in the future. 3.8 The idea has often been suggested that computer manufacturers preinstall backdoors on their systems to provide technical support for customers, but this has never been reliably verified. 7-9 Oct 2008, Sofia Prof. DSc Eugene Nickolov 45

46 3. TROJAN HORSES, ROOTKITS, AND BACKDOORS Crackers typically use backdoors to secure remote access to a computer, while attempting to remain hidden from casual inspection. To install backdoors crackers may use Trojan horses, worms, or other methods. 7-9 Oct 2008, Sofia Prof. DSc Eugene Nickolov 46

47 4. MALWARE FOR PROFIT: SPYWARE, BOTNETS, KEYSTROKE LOGGERS, AND DIALERS During the 1980s and 1990s, it was usually taken for granted that malicious programs were created as a form of vandalism or prank (although some viruses were spread only to discourage users from illegal software exchange.) More recently, the greater share of malware programs have been written with a financial or profit motive in mind. This can be taken as the malware authors' choice to monetize their control over infected systems: to turn that control into a source of revenue. 7-9 Oct 2008, Sofia Prof. DSc Eugene Nickolov 47

48 4. MALWARE FOR PROFIT: SPYWARE, BOTNETS, KEYSTROKE LOGGERS, AND DIALERS Since 2003 or so, the most costly form of malware in terms of time and money spent in recovery has been the broad category known as spyware.[citation needed] Spyware programs are commercially produced for the purpose of gathering information about computer users, showing them pop-up ads, or altering web-browser browser behavior for the financial benefit of the spyware creator. For instance, some spyware programs redirect search engine results to paid advertisements. Others, often called "stealware" stealware" " by the media, overwrite affiliate marketing codes so that revenue goes to the spyware creator rather than the intended recipient. 7-9 Oct 2008, Sofia Prof. DSc Eugene Nickolov 48

49 4. MALWARE FOR PROFIT: SPYWARE, BOTNETS, KEYSTROKE LOGGERS, AND DIALERS Spyware programs are sometimes installed as Trojan horses of one sort or another. They differ in that their creators present themselves openly as businesses, for instance by selling advertising space on the pop-ups created by the malware. Most such programs present the user with an end-user license agreement which purportedly protects the creator from prosecution under computer contaminant laws. However, spyware EULAs have not yet been upheld in court. 7-9 Oct 2008, Sofia Prof. DSc Eugene Nickolov 49

50 4. MALWARE FOR PROFIT: SPYWARE, BOTNETS, KEYSTROKE LOGGERS, AND DIALERS Another way that financially-motivated malware creators can profit from their infections is to directly use the infected computers to do work for the creator. Spammer viruses, such as the Sobig and Mydoom virus families, are commissioned by e spam gangs. The infected computers are used as proxies to send out spam messages. The advantage to spammers of using infected computers is that they are available in large supply (thanks to the virus) and they provide anonymity, protecting the spammer from prosecution. Spammers have also used infected PCs to target anti-spam organizations with distributed denial-of of-service attacks. 7-9 Oct 2008, Sofia Prof. DSc Eugene Nickolov 50

51 4. MALWARE FOR PROFIT: SPYWARE, BOTNETS, KEYSTROKE LOGGERS, AND DIALERS In order to coordinate the activity of many infected computers, attackers have used coordinating systems known as botnets.. In a botnet,, the malware or malbot logs in to an Internet Relay Chat channel or other chat system. The attacker can then give instructions to all the infected systems simultaneously. Botnets can also be used to push upgraded malware to the infected systems, keeping them resistant to anti-virus software or other security measures. 7-9 Oct 2008, Sofia Prof. DSc Eugene Nickolov 51

52 4. MALWARE FOR PROFIT: SPYWARE, BOTNETS, KEYSTROKE LOGGERS, AND DIALERS Lastly, it is possible for a malware creator to profit by simply stealing from the person whose computer is infected. Some malware programs install a key logger, which copies down the user's keystrokes when entering a password, credit card number, or other information that may be useful to the creator. This is then transmitted to the malware creator automatically, enabling credit card fraud and other theft. Similarly, malware may copy the CD key or password for online games, allowing the creator to steal accounts or virtual items. 7-9 Oct 2008, Sofia Prof. DSc Eugene Nickolov 52

INSTRUCTOR NOTES ON 08 Computer Protection HAND OUT THE COMPUTER PROTECTION BROCHURE

INSTRUCTOR NOTES ON 08 Computer Protection HAND OUT THE COMPUTER PROTECTION BROCHURE INSTRUCTOR NOTES ON 08 Computer Protection Seminar intro Talking Points This seminar has two major topics: 1. What is a virus and how many virus types are there? 2. How do I protect against them? HAND

More information

10- Assume you open your credit card bill and see several large unauthorized charges unfortunately you may have been the victim of (identity theft)

10- Assume you open your credit card bill and see several large unauthorized charges unfortunately you may have been the victim of (identity theft) 1- A (firewall) is a computer program that permits a user on the internal network to access the internet but severely restricts transmissions from the outside 2- A (system failure) is the prolonged malfunction

More information

Spyware. Michael Glenn Technology Management Michael.Glenn@Qwest.com. 2004 Qwest Communications International Inc.

Spyware. Michael Glenn Technology Management Michael.Glenn@Qwest.com. 2004 Qwest Communications International Inc. Spyware Michael Glenn Technology Management Michael.Glenn@Qwest.com Agenda Security Fundamentals Current Issues Spyware Definitions Overlaps of Threats Best Practices What Service Providers are Doing References

More information

Contact details For contacting ENISA or for general enquiries on information security awareness matters, please use the following details:

Contact details For contacting ENISA or for general enquiries on information security awareness matters, please use the following details: Malicious software About ENISA The European Network and Information Security Agency (ENISA) is an EU agency created to advance the functioning of the internal market. ENISA is a centre of excellence for

More information

Cyber Security a Global Challenge; What and how Thailand is doing

Cyber Security a Global Challenge; What and how Thailand is doing Cyber Security a Global Challenge; What and how Thailand is doing Pansak SIRIRUCHATAPONG Executive Director National Electronics and Computer Technology Center February 19, 2009 1 Global IT Security Market

More information

ITSC Training Courses Student IT Competence Programme SIIS1 Information Security

ITSC Training Courses Student IT Competence Programme SIIS1 Information Security ITSC Training Courses Student IT Competence Programme SI1 2012 2013 Prof. Chan Yuen Yan, Rosanna Department of Engineering The Chinese University of Hong Kong SI1-1 Course Outline What you should know

More information

COB 302 Management Information System (Lesson 8)

COB 302 Management Information System (Lesson 8) COB 302 Management Information System (Lesson 8) Dr. Stanley Wong Macau University of Science and Technology Chapter 13 Security and Ethical Challenges 安 全 與 倫 理 挑 戰 Remarks: Some of the contents in this

More information

When you listen to the news, you hear about many different forms of computer infection(s). The most common are:

When you listen to the news, you hear about many different forms of computer infection(s). The most common are: Access to information and entertainment, credit and financial services, products from every corner of the world even to your work is greater than ever. Thanks to the Internet, you can conduct your banking,

More information

Security A to Z the most important terms

Security A to Z the most important terms Security A to Z the most important terms Part 1: A to D UNDERSTAND THE OFFICIAL TERMINOLOGY. This is F-Secure Labs. Learn more about the most important security terms with our official explanations from

More information

WHITE PAPER. Understanding How File Size Affects Malware Detection

WHITE PAPER. Understanding How File Size Affects Malware Detection WHITE PAPER Understanding How File Size Affects Malware Detection FORTINET Understanding How File Size Affects Malware Detection PAGE 2 Summary Malware normally propagates to users and computers through

More information

Threats and Attacks. Modifications by Prof. Dong Xuan and Adam C. Champion. Principles of Information Security, 5th Edition 1

Threats and Attacks. Modifications by Prof. Dong Xuan and Adam C. Champion. Principles of Information Security, 5th Edition 1 Threats and Attacks Modifications by Prof. Dong Xuan and Adam C. Champion Principles of Information Security, 5th Edition 1 Learning Objectives Upon completion of this material, you should be able to:

More information

Computer Security DD2395

Computer Security DD2395 Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/dd2395/dasakh11/ Fall 2011 Sonja Buchegger buc@kth.se Lecture 7 Malicious Software DD2395 Sonja Buchegger 1 Course Admin Lab 2: - prepare

More information

Countermeasures against Bots

Countermeasures against Bots Countermeasures against Bots Are you sure your computer is not infected with Bot? Information-technology Promotion Agency IT Security Center http://www.ipa.go.jp/security/ 1. What is a Bot? Bot is a computer

More information

Spyware: Securing gateway and endpoint against data theft

Spyware: Securing gateway and endpoint against data theft Spyware: Securing gateway and endpoint against data theft The explosion in spyware has presented businesses with increasing concerns about security issues, from data theft and network damage to reputation

More information

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 2 Systems Threats and Risks

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 2 Systems Threats and Risks Security+ Guide to Network Security Fundamentals, Third Edition Chapter 2 Systems Threats and Risks Objectives Describe the different types of software-based attacks List types of hardware attacks Define

More information

When a student leaves this intensive 5 day class they will have hands on understanding and experience in Ethical Hacking.

When a student leaves this intensive 5 day class they will have hands on understanding and experience in Ethical Hacking. Ethical Hacking and Countermeasures Course Description: This class will immerse the student into an interactive environment where they will be shown how to scan, test, hack and secure their own systems.

More information

Top tips for improved network security

Top tips for improved network security Top tips for improved network security Network security is beleaguered by malware, spam and security breaches. Some criminal, some malicious, some just annoying but all impeding the smooth running of a

More information

NEW JERSEY STATE POLICE EXAMPLES OF CRIMINAL INTENT

NEW JERSEY STATE POLICE EXAMPLES OF CRIMINAL INTENT Appendix A to 11-02-P1-NJOIT NJ OFFICE OF INFORMATION TECHNOLOGY P.O. Box 212 www.nj.gov/it/ps/ 300 Riverview Plaza Trenton, NJ 08625-0212 NEW JERSEY STATE POLICE EXAMPLES OF CRIMINAL INTENT The Intent

More information

Spam, Spyware, Malware and You! Don't give up just yet! Presented by: Mervin Istace Provincial Library Saskatchewan Learning

Spam, Spyware, Malware and You! Don't give up just yet! Presented by: Mervin Istace Provincial Library Saskatchewan Learning Spam, Spyware, Malware and You! Don't give up just yet! Presented by: Mervin Istace Provincial Library Saskatchewan Learning Lee Zelyck Network Administrator Regina Public Library Malware, Spyware, Trojans

More information

Don t Fall Victim to Cybercrime:

Don t Fall Victim to Cybercrime: Don t Fall Victim to Cybercrime: Best Practices to Safeguard Your Business Agenda Cybercrime Overview Corporate Account Takeover Computer Hacking, Phishing, Malware Breach Statistics Internet Security

More information

Protection for Mac and Linux computers: genuine need or nice to have?

Protection for Mac and Linux computers: genuine need or nice to have? Protection for Mac and Linux computers: genuine need or nice to have? The current risk to computers running non-windows platforms is small but growing. As Mac and Linux computers become more prevalent

More information

OCT Training & Technology Solutions Training@qc.cuny.edu (718) 997-4875

OCT Training & Technology Solutions Training@qc.cuny.edu (718) 997-4875 OCT Training & Technology Solutions Training@qc.cuny.edu (718) 997-4875 Understanding Information Security Information Security Information security refers to safeguarding information from misuse and theft,

More information

Stopping zombies, botnets and other email- and web-borne threats

Stopping zombies, botnets and other email- and web-borne threats Stopping zombies, botnets and other email- and web-borne threats Hijacked computers, or zombies, hide inside networks where they send spam, steal company secrets, and enable other serious crimes. This

More information

The FBI Cyber Program. Bauer Advising Symposium //UNCLASSIFIED

The FBI Cyber Program. Bauer Advising Symposium //UNCLASSIFIED The FBI Cyber Program Bauer Advising Symposium October 11, 2012 Today s Agenda What is the threat? Who are the adversaries? How are they attacking you? What can the FBI do to help? What can you do to stop

More information

Computer Viruses: How to Avoid Infection

Computer Viruses: How to Avoid Infection Viruses From viruses to worms to Trojan Horses, the catchall term virus describes a threat that's been around almost as long as computers. These rogue programs exist for the simple reason to cause you

More information

Statistical Analysis of Internet Security Threats. Daniel G. James

Statistical Analysis of Internet Security Threats. Daniel G. James Statistical Analysis of Internet Security Threats Daniel G. James ABSTRACT The purpose of this paper is to analyze the statistics surrounding the most common security threats faced by Internet users. There

More information

PROTECT YOUR COMPUTER AND YOUR PRIVACY!

PROTECT YOUR COMPUTER AND YOUR PRIVACY! PROTECT YOUR COMPUTER AND YOUR PRIVACY! Fraud comes in many shapes simple: the loss of both money protecting your computer and Take action and get peace of and sizes, but the outcome is and time. That

More information

Chapter 11 Manage Computing Securely, Safely and Ethically. Discovering Computers 2012. Your Interactive Guide to the Digital World

Chapter 11 Manage Computing Securely, Safely and Ethically. Discovering Computers 2012. Your Interactive Guide to the Digital World Chapter 11 Manage Computing Securely, Safely and Ethically Discovering Computers 2012 Your Interactive Guide to the Digital World Objectives Overview Define the term, computer security risks, and briefly

More information

Malware, Phishing, and Cybercrime Dangerous Threats Facing the SMB State of Cybercrime

Malware, Phishing, and Cybercrime Dangerous Threats Facing the SMB State of Cybercrime How to Protect Your Business from Malware, Phishing, and Cybercrime The SMB Security Series Malware, Phishing, and Cybercrime Dangerous Threats Facing the SMB State of Cybercrime sponsored by Introduction

More information

KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES. www.kaspersky.com

KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES. www.kaspersky.com KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES www.kaspersky.com EXPERT SERVICES Expert Services from Kaspersky Lab are exactly that the services of our in-house experts, many of them global

More information

Network Security and the Small Business

Network Security and the Small Business Network Security and the Small Business Why network security is important for a small business Many small businesses think that they are less likely targets for security attacks as compared to large enterprises,

More information

Emerging Trends in Malware - Antivirus and Beyond

Emerging Trends in Malware - Antivirus and Beyond Malware White Paper April 2011 Emerging Trends in Malware - Antivirus and Beyond One need only listen to the news or read the latest Twitter and media updates to hear about cyber crime and be reminded

More information

Information Security By Bhupendra Ratha, Lecturer School of Library & Information Science D.A.V.V., Indore E-mail:bhu261@gmail.com Outline of Information Security Introduction Impact of information Need

More information

HE WAR AGAINST BEING AN INTERMEDIARY FOR ANOTHER ATTACK

HE WAR AGAINST BEING AN INTERMEDIARY FOR ANOTHER ATTACK HE WAR AGAINST BEING AN INTERMEDIARY FOR ANOTHER ATTACK Prepared By: Raghda Zahran, Msc. NYIT-Jordan campus. Supervised By: Dr. Lo ai Tawalbeh. November 2006 Page 1 of 8 THE WAR AGAINST BEING AN INTERMEDIARY

More information

Software Engineering 4C03 Class Project. Computer Networks and Computer Security COMBATING HACKERS

Software Engineering 4C03 Class Project. Computer Networks and Computer Security COMBATING HACKERS Software Engineering 4C03 Class Project Computer Networks and Computer Security COMBATING HACKERS Done By: Ratinder Ricky Gill Student Number: 0048973 E-Mail: gillrr@mcmaster.ca Due: Tuesday April 5, 2005

More information

Defending Against Data Beaches: Internal Controls for Cybersecurity

Defending Against Data Beaches: Internal Controls for Cybersecurity Defending Against Data Beaches: Internal Controls for Cybersecurity Presented by: Michael Walter, Managing Director and Chris Manning, Associate Director Protiviti Atlanta Office Agenda Defining Cybersecurity

More information

Internet Safety and Security: Strategies for Building an Internet Safety Wall

Internet Safety and Security: Strategies for Building an Internet Safety Wall Internet Safety and Security: Strategies for Building an Internet Safety Wall Sylvanus A. EHIKIOYA, PhD Director, New Media & Information Security Nigerian Communications Commission Abuja, NIGERIA Internet

More information

Malware & Botnets. Botnets

Malware & Botnets. Botnets - 2 - Malware & Botnets The Internet is a powerful and useful tool, but in the same way that you shouldn t drive without buckling your seat belt or ride a bike without a helmet, you shouldn t venture online

More information

Certified Ethical Hacker Exam 312-50 Version Comparison. Version Comparison

Certified Ethical Hacker Exam 312-50 Version Comparison. Version Comparison CEHv8 vs CEHv7 CEHv7 CEHv8 19 Modules 20 Modules 90 Labs 110 Labs 1700 Slides 1770 Slides Updated information as per the latest developments with a proper flow Classroom friendly with diagrammatic representation

More information

Proactive Credential Monitoring as a Method of Fraud Prevention and Risk Mitigation. By Marc Ostryniec, vice president, CSID

Proactive Credential Monitoring as a Method of Fraud Prevention and Risk Mitigation. By Marc Ostryniec, vice president, CSID Proactive Credential Monitoring as a Method of Fraud Prevention and Risk Mitigation By Marc Ostryniec, vice president, CSID The increase in volume, severity, publicity and fallout of recent data breaches

More information

9. Information Assurance and Security, Protecting Information Resources. Janeela Maraj. Tutorial 9 21/11/2014 INFO 1500

9. Information Assurance and Security, Protecting Information Resources. Janeela Maraj. Tutorial 9 21/11/2014 INFO 1500 INFO 1500 9. Information Assurance and Security, Protecting Information Resources 11. ecommerce and ebusiness Janeela Maraj Tutorial 9 21/11/2014 9. Information Assurance and Security, Protecting Information

More information

Cybersecurity for the C-Level

Cybersecurity for the C-Level Cybersecurity for the C-Level Director Glossary of Defined Cybersecurity Terms A Active Attack An actual assault perpetrated by an intentional threat source that attempts to alter a system, its resources,

More information

Content Teaching Academy at James Madison University

Content Teaching Academy at James Madison University Content Teaching Academy at James Madison University 1 2 The Battle Field: Computers, LANs & Internetworks 3 Definitions Computer Security - generic name for the collection of tools designed to protect

More information

FORBIDDEN - Ethical Hacking Workshop Duration

FORBIDDEN - Ethical Hacking Workshop Duration Workshop Course Module FORBIDDEN - Ethical Hacking Workshop Duration Lecture and Demonstration : 15 Hours Security Challenge : 01 Hours Introduction Security can't be guaranteed. As Clint Eastwood once

More information

E-commerce. Security. Learning objectives. Internet Security Issues: Overview. Managing Risk-1. Managing Risk-2. Computer Security Classifications

E-commerce. Security. Learning objectives. Internet Security Issues: Overview. Managing Risk-1. Managing Risk-2. Computer Security Classifications Learning objectives E-commerce Security Threats and Protection Mechanisms. This lecture covers internet security issues and discusses their impact on an e-commerce. Nov 19, 2004 www.dcs.bbk.ac.uk/~gmagoulas/teaching.html

More information

Beyond the Hype: Advanced Persistent Threats

Beyond the Hype: Advanced Persistent Threats Advanced Persistent Threats and Real-Time Threat Management The Essentials Series Beyond the Hype: Advanced Persistent Threats sponsored by Dan Sullivan Introduction to Realtime Publishers by Don Jones,

More information

Responsible Administrative Unit: Computing, Communications & Information Technologies. Information Technology Appropriate Use Policy

Responsible Administrative Unit: Computing, Communications & Information Technologies. Information Technology Appropriate Use Policy 1.0 BACKGROUND AND PURPOSE Information Technology ( IT ) includes a vast and growing array of computing, electronic and voice communications facilities and services. At the Colorado School of Mines ( Mines

More information

Cyber Security Awareness

Cyber Security Awareness Cyber Security Awareness User IDs and Passwords Home Computer Protection Protecting your Information Firewalls Malicious Code Protection Mobile Computing Security Wireless Security Patching Possible Symptoms

More information

Data Management Policies. Sage ERP Online

Data Management Policies. Sage ERP Online Sage ERP Online Sage ERP Online Table of Contents 1.0 Server Backup and Restore Policy... 3 1.1 Objectives... 3 1.2 Scope... 3 1.3 Responsibilities... 3 1.4 Policy... 4 1.5 Policy Violation... 5 1.6 Communication...

More information

Lifecycle Solutions & Services. Managed Industrial Cyber Security Services

Lifecycle Solutions & Services. Managed Industrial Cyber Security Services Lifecycle Solutions & Services Managed Industrial Cyber Security Services Around the world, industrial firms and critical infrastructure operators partner with Honeywell to address the unique requirements

More information

Cryptography and Network Security Chapter 21. Malicious Software. Backdoor or Trapdoor. Logic Bomb 4/19/2010. Chapter 21 Malicious Software

Cryptography and Network Security Chapter 21. Malicious Software. Backdoor or Trapdoor. Logic Bomb 4/19/2010. Chapter 21 Malicious Software Cryptography and Network Security Chapter 21 Fifth Edition by William Stallings Chapter 21 Malicious Software What is the concept of defense: The parrying of a blow. What is its characteristic feature:

More information

What is Really Needed to Secure the Internet of Things?

What is Really Needed to Secure the Internet of Things? What is Really Needed to Secure the Internet of Things? By Alan Grau, Icon Labs alan.grau@iconlabs.com The Internet of Things (IoT) has become a ubiquitous term to describe the tens of billions of devices

More information

Cyber Security in Taiwan's Government Institutions: From APT To. Investigation Policies

Cyber Security in Taiwan's Government Institutions: From APT To. Investigation Policies Cyber Security in Taiwan's Government Institutions: From APT To Investigation Policies Ching-Yu, Hung Investigation Bureau, Ministry of Justice, Taiwan, R.O.C. Abstract In this article, we introduce some

More information

資 通 安 全 產 品 研 發 與 驗 證 (I) ICT Security Overview. Prof.. Albert B. Jeng ( 鄭 博 仁 教 授 ) 景 文 科 技 大 學 資 訊 工 程 系

資 通 安 全 產 品 研 發 與 驗 證 (I) ICT Security Overview. Prof.. Albert B. Jeng ( 鄭 博 仁 教 授 ) 景 文 科 技 大 學 資 訊 工 程 系 資 通 安 全 產 品 研 發 與 驗 證 (I) ICT Security Overview Prof.. Albert B. Jeng ( 鄭 博 仁 教 授 ) 景 文 科 技 大 學 資 訊 工 程 系 Outline Infosec, COMPUSEC, COMSEC, and Network Security Why do we need Infosec and COMSEC? Security

More information

Cyber Security Beginners Guide to Firewalls A Non-Technical Guide

Cyber Security Beginners Guide to Firewalls A Non-Technical Guide Cyber Security Beginners Guide to Firewalls A Non-Technical Guide Essential for Business Managers Office Managers Operations Managers Multi-State Information Sharing and Analysis Center (MS-ISAC) U.S.

More information

ES ET DE LA VIE PRIVÉE E 29 th INTERNATIONAL CONFERENCE OF DATA PROTECTION AND PRIVACY COMMISSIONERS

ES ET DE LA VIE PRIVÉE E 29 th INTERNATIONAL CONFERENCE OF DATA PROTECTION AND PRIVACY COMMISSIONERS ES ET DE LA VIE PRIVÉE E 29 th INTERNATIONAL CONFERENCE OF DATA PROTECTION AND PRIVACY COMMISS The Internet Threat Landscape Symantec TM Dean Turner Director Global Intelligence Network Symantec Security

More information

Understanding Computer Viruses: What They Can Do, Why People Write Them and How to Defend Against Them

Understanding Computer Viruses: What They Can Do, Why People Write Them and How to Defend Against Them Lab Exercises Understanding Computer Viruses: What They Can Do, Why People Write Them and How to Defend Against Them Review Questions 1) In class, we made the distinction between a front-door attack and

More information

Chapter 10. Privacy and Security. McGraw-Hill/Irwin. Copyright 2008 by The McGraw-Hill Companies, Inc. All rights reserved.

Chapter 10. Privacy and Security. McGraw-Hill/Irwin. Copyright 2008 by The McGraw-Hill Companies, Inc. All rights reserved. Chapter 10 Privacy and Security McGraw-Hill/Irwin Copyright 2008 by The McGraw-Hill Companies, Inc. All rights reserved. Competencies (Page 1 of 2) Page 282 Discuss the privacy issues related to the presence

More information

Cyber Security Awareness

Cyber Security Awareness Cyber Security Awareness William F. Pelgrin Chair Page 1 Introduction Information is a critical asset. Therefore, it must be protected from unauthorized modification, destruction and disclosure. This brochure

More information

Promoting Network Security (A Service Provider Perspective)

Promoting Network Security (A Service Provider Perspective) Promoting Network Security (A Service Provider Perspective) Prevention is the Foundation H S Gupta DGM (Technical) Data Networks, BSNL hsgupta@bsnl.co.in DNW, BSNL 1 Agenda Importance of Network Security

More information

The Leading Provider of Endpoint Security Solutions

The Leading Provider of Endpoint Security Solutions The Leading Provider of Endpoint Security Solutions Innovative Policies to Defend Against Next-Generation Threats Conrad Herrmann CTO and Co-Founder Zone Labs, Inc. Network Security Is an Uphill Battle

More information

References NYS Office of Cyber Security and Critical Infrastructure Coordination Best Practices and Assessment Tools for the Household

References NYS Office of Cyber Security and Critical Infrastructure Coordination Best Practices and Assessment Tools for the Household This appendix is a supplement to the Cyber Security: Getting Started Guide, a non-technical reference essential for business managers, office managers, and operations managers. This appendix is one of

More information

Endpoint Security Management

Endpoint Security Management Endpoint Security Management LANDESK SOLUTION BRIEF Protect against security threats, malicious attacks and configuration vulnerabilities through strong endpoint security control and maintenance. Protect

More information

Malicious Software. Malicious Software. Overview. Backdoor or Trapdoor. Raj Jain. Washington University in St. Louis

Malicious Software. Malicious Software. Overview. Backdoor or Trapdoor. Raj Jain. Washington University in St. Louis Malicious Software Overview Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-14/

More information

Secure and Safe Computing Primer Examples of Desktop and Laptop standards and guidelines

Secure and Safe Computing Primer Examples of Desktop and Laptop standards and guidelines Secure and Safe Computing Primer Examples of Desktop and Laptop standards and guidelines 1. Implement anti-virus software An anti-virus program is necessary to protect your computer from malicious programs,

More information

Cyber Security: Beginners Guide to Firewalls

Cyber Security: Beginners Guide to Firewalls Cyber Security: Beginners Guide to Firewalls A Non-Technical Guide Essential for Business Managers Office Managers Operations Managers This appendix is a supplement to the Cyber Security: Getting Started

More information

SECURITY TERMS: Advisory Backdoor - Blended Threat Blind Worm Bootstrapped Worm Bot Coordinated Scanning

SECURITY TERMS: Advisory Backdoor - Blended Threat Blind Worm Bootstrapped Worm Bot Coordinated Scanning SECURITY TERMS: Advisory - A formal notice to the public on the nature of security vulnerability. When security researchers discover vulnerabilities in software, they usually notify the affected vendor

More information

Welcome To The L.R.F.H.S. Computer Group Wednesday 27 th November 2013

Welcome To The L.R.F.H.S. Computer Group Wednesday 27 th November 2013 Welcome To The L.R.F.H.S. Computer Group Wednesday 27 th November 2013 BACKUP SECURITY AND THE CLOUD BACK UP ALWAYS BACK UP TO AN EXTERNAL DEVICE OR REMOVAL MEDIA- NEVER DIRECTLY ON TO YOUR COMPUTER IF

More information

Trends in Malware DRAFT OUTLINE. Wednesday, October 10, 12

Trends in Malware DRAFT OUTLINE. Wednesday, October 10, 12 Trends in Malware DRAFT OUTLINE Presentation Synopsis Security is often a game of cat and mouse as security professionals and attackers each vie to stay one step ahead of the other. In this race for dominance,

More information

Getting a Secure Intranet

Getting a Secure Intranet 61-04-69 Getting a Secure Intranet Stewart S. Miller The Internet and World Wide Web are storehouses of information for many new and legitimate purposes. Unfortunately, they also appeal to people who like

More information

Networking for Caribbean Development

Networking for Caribbean Development Networking for Caribbean Development BELIZE NOV 2 NOV 6, 2015 w w w. c a r i b n o g. o r g N E T W O R K I N G F O R C A R I B B E A N D E V E L O P M E N T BELIZE NOV 2 NOV 6, 2015 w w w. c a r i b n

More information

Spyware. Summary. Overview of Spyware. Who Is Spying?

Spyware. Summary. Overview of Spyware. Who Is Spying? Spyware US-CERT Summary This paper gives an overview of spyware and outlines some practices to defend against it. Spyware is becoming more widespread as online attackers and traditional criminals use it

More information

Intrusion Detection and Threat Vectors Michael Arent EDS-Global Information Security

Intrusion Detection and Threat Vectors Michael Arent EDS-Global Information Security Insert photo here Intrusion Detection and Threat Vectors Michael Arent EDS-Global Information Security 1 / 07 May 2008 / EDS The direction is changing.... 2 / 07 May 2008 / EDS Intrusion costs are rising

More information

Malicious Software. Ola Flygt Växjö University, Sweden http://w3.msi.vxu.se/users/ofl/ Ola.Flygt@vxu.se +46 470 70 86 49. Viruses and Related Threats

Malicious Software. Ola Flygt Växjö University, Sweden http://w3.msi.vxu.se/users/ofl/ Ola.Flygt@vxu.se +46 470 70 86 49. Viruses and Related Threats Malicious Software Ola Flygt Växjö University, Sweden http://w3.msi.vxu.se/users/ofl/ Ola.Flygt@vxu.se +46 470 70 86 49 1 Outline Viruses and Related Threats Malicious Programs The Nature of Viruses Antivirus

More information

Overview. Common Internet Threats. Spear Phishing / Whaling. Phishing Sites. Virus: Pentagon Attack. Viruses & Worms

Overview. Common Internet Threats. Spear Phishing / Whaling. Phishing Sites. Virus: Pentagon Attack. Viruses & Worms Overview Common Internet Threats Tom Chothia Computer Security, Lecture 19 Phishing Sites Trojans, Worms, Viruses, Drive-bydownloads Net Fast Flux Domain Flux Infiltration of a Net Underground economy.

More information

Code of Connection (CoCo) for Devices Connected to the University s Network

Code of Connection (CoCo) for Devices Connected to the University s Network Code of Connection (CoCo) for Devices Connected to the University s Author Information Security Officer (Technical) Version V1.1 Date 23 April 2015 Introduction This Code of Connection (CoCo) establishes

More information

Cyber Security Solutions:

Cyber Security Solutions: ThisIsCable for Business Report Series Cyber Security Solutions: A Sampling of Cyber Security Solutions Designed for the Small Business Community Comparison Report Produced by BizTechReports.com Editorial

More information

Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006

Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,

More information

Loophole+ with Ethical Hacking and Penetration Testing

Loophole+ with Ethical Hacking and Penetration Testing Loophole+ with Ethical Hacking and Penetration Testing Duration Lecture and Demonstration: 15 Hours Security Challenge: 01 Hours Introduction Security can't be guaranteed. As Clint Eastwood once said,

More information

INTERNET & COMPUTER SECURITY March 20, 2010. Scoville Library. ccayne@biblio.org

INTERNET & COMPUTER SECURITY March 20, 2010. Scoville Library. ccayne@biblio.org INTERNET & COMPUTER SECURITY March 20, 2010 Scoville Library ccayne@biblio.org Internet: Computer Password strength Phishing Malware Email scams Identity Theft Viruses Windows updates Browser updates Backup

More information

Cyber Security Solutions for Small Businesses Comparison Report: A Sampling of Cyber Security Solutions Designed for the Small Business Community

Cyber Security Solutions for Small Businesses Comparison Report: A Sampling of Cyber Security Solutions Designed for the Small Business Community Cyber Security Solutions for Small Businesses Comparison Report: A Sampling of Cyber Security Solutions Designed for the Small Business Community A Sampling of Cyber Security Solutions Designed for the

More information

Managing Security Risks in Modern IT Networks

Managing Security Risks in Modern IT Networks Managing Security Risks in Modern IT Networks White Paper Table of Contents Executive summary... 3 Introduction: networks under siege... 3 How great is the problem?... 3 Spyware: a growing issue... 3 Feeling

More information

Course: Information Security Management in e-governance. Day 1. Session 5: Securing Data and Operating systems

Course: Information Security Management in e-governance. Day 1. Session 5: Securing Data and Operating systems Course: Information Security Management in e-governance Day 1 Session 5: Securing Data and Operating systems Agenda Introduction to information, data and database systems Information security risks surrounding

More information

Current Threat Scenario and Recent Attack Trends

Current Threat Scenario and Recent Attack Trends Current Threat Scenario and Recent Attack Trends Anil Sagar Additional Director Indian Computer Emergency Response Team (CERT-In) Objectives Current Cyber space Nature of cyberspace and associated risks

More information

COMPUTER-INTERNET SECURITY. How am I vulnerable?

COMPUTER-INTERNET SECURITY. How am I vulnerable? COMPUTER-INTERNET SECURITY How am I vulnerable? 1 COMPUTER-INTERNET SECURITY Virus Worm Trojan Spyware Adware Messenger Service 2 VIRUS A computer virus is a small program written to alter the way a computer

More information

Information Security Threat Trends

Information Security Threat Trends Talk @ Microsoft Security Day Sep 2005 Information Security Threat Trends Mr. S.C. Leung 梁 兆 昌 Senior Consultant 高 級 顧 問 CISSP CISA CBCP M@PISA Email: scleung@hkcert.org 香 港 電 腦 保 安 事 故 協 調 中 心 Introducing

More information

Alexander Nikov. 9. Information Assurance and Security, Protecting Information Resources. Learning Objectives. You re on Facebook? Watch Out!

Alexander Nikov. 9. Information Assurance and Security, Protecting Information Resources. Learning Objectives. You re on Facebook? Watch Out! INFO 1500 Information Technology Fundamentals Learning Objectives 9. Information Assurance and Security, Protecting Information Resources Alexander Nikov Explain why information systems are vulnerable

More information

Modern Cyber Threats. how yesterday s mind set gets in the way of securing tomorrow s critical infrastructure. Axel Wirth

Modern Cyber Threats. how yesterday s mind set gets in the way of securing tomorrow s critical infrastructure. Axel Wirth Modern Cyber Threats how yesterday s mind set gets in the way of securing tomorrow s critical infrastructure Axel Wirth Healthcare Solutions Architect Distinguished Systems Engineer AAMI 2013 Conference

More information

BE SAFE ONLINE: Lesson Plan

BE SAFE ONLINE: Lesson Plan BE SAFE ONLINE: Lesson Plan Overview Danger lurks online. Web access, social media, computers, tablets and smart phones expose users to the possibility of fraud and identity theft. Learn the steps to take

More information

WEB ATTACKS AND COUNTERMEASURES

WEB ATTACKS AND COUNTERMEASURES WEB ATTACKS AND COUNTERMEASURES February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in

More information

GlobalSign Malware Monitoring

GlobalSign Malware Monitoring GLOBALSIGN WHITE PAPER GlobalSign Malware Monitoring Protecting your website from distributing hidden malware GLOBALSIGN WHITE PAPER www.globalsign.com CONTENTS Introduction... 2 Malware Monitoring...

More information

for Critical Infrastructure Protection Supervisory Control and Data Acquisition SCADA SECURITY ADVICE FOR CEOs

for Critical Infrastructure Protection Supervisory Control and Data Acquisition SCADA SECURITY ADVICE FOR CEOs for Critical Infrastructure Protection Supervisory Control and Data Acquisition SCADA SECURITY ADVICE FOR CEOs EXECUTIVE SUMMARY Supervisory Control and Data Acquisition (SCADA) systems are used for remote

More information

Secure Your Mobile Workplace

Secure Your Mobile Workplace Secure Your Mobile Workplace Sunny Leung Senior System Engineer Symantec 3th Dec, 2013 1 Agenda 1. The Threats 2. The Protection 3. Q&A 2 The Mobile Workplaces The Threats 4 Targeted Attacks up 42% in

More information

Choose Your Weapon: Fighting the Battle against Zero-Day Virus Threats

Choose Your Weapon: Fighting the Battle against Zero-Day Virus Threats Choose Your Weapon: Fighting the Battle against Zero-Day Virus Threats 1 of 2 November, 2004 Choose Your Weapon: Fighting the Battle against Zero-Day Virus Threats Choose Your Weapon: Fighting the Battle

More information

Module 5: Analytical Writing

Module 5: Analytical Writing Module 5: Analytical Writing Aims of this module: To identify the nature and features of analytical writing To discover the differences between descriptive and analytical writing To explain how to develop

More information

Global Network Pandemic The Silent Threat Darren Grabowski, Manager NTT America Global IP Network Security & Abuse Team

Global Network Pandemic The Silent Threat Darren Grabowski, Manager NTT America Global IP Network Security & Abuse Team Global Network Pandemic The Silent Threat Darren Grabowski, Manager NTT America Global IP Network Security & Abuse Team The Internet is in the midst of a global network pandemic. Millions of computers

More information

MOBILE MALWARE REPORT

MOBILE MALWARE REPORT TRUST IN MOBILE MALWARE REPORT THREAT REPORT: H2/2014 CONTENTS At a Glance 03-03 Forecasts and trends 04-04 Current situation: 4.500 new Android malware instances every day 05-05 Third-party App-Stores

More information

Lectures 9 Advanced Operating Systems Fundamental Security. Computer Systems Administration TE2003

Lectures 9 Advanced Operating Systems Fundamental Security. Computer Systems Administration TE2003 Lectures 9 Advanced Operating Systems Fundamental Security Computer Systems Administration TE2003 Lecture overview At the end of lecture 9 students can identify, describe and discuss: Main factors while

More information

Cybercrime myths, challenges and how to protect our business. Vladimir Kantchev Managing Partner Service Centrix

Cybercrime myths, challenges and how to protect our business. Vladimir Kantchev Managing Partner Service Centrix Cybercrime myths, challenges and how to protect our business Vladimir Kantchev Managing Partner Service Centrix Agenda Cybercrime today Sources and destinations of the attacks Breach techniques How to

More information

SECURING YOUR SMALL BUSINESS. Principles of information security and risk management

SECURING YOUR SMALL BUSINESS. Principles of information security and risk management SECURING YOUR SMALL BUSINESS Principles of information security and risk management The challenge Information is one of the most valuable assets of any organization public or private, large or small and

More information